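/**
 * Streams the JSON log file of a base to the client as a file download.
 *
 * The base is looked up by `IDbase` together with the account id stored in the
 * session, so a log is only served for a base that belongs to the logged-in
 * account. On success the method sends the download headers, outputs the file
 * and terminates the script; it only returns when nothing could be sent.
 *
 * @param array $formvars Request values; only the key 'IDbase' is read.
 *
 * @return bool Always false when it returns (no session account, base not
 *              owned by the account, or log file missing).
 */
function downloadBaseLog($formvars = array())
{
    $mdb = $this->mdb;

    // add all missing keys to array
    fixFormVars($formvars, array('IDbase'));

    // Without an account in the session there is nothing to authorise against.
    if (!isset($_SESSION['IDaccount'])) {
        return false;
    }

    // security check: the base must belong to the account of this session
    $base = $mdb->queryFirstRow(
        "SELECT IDbase FROM base WHERE IDbase = %i AND IDaccount = %i",
        $formvars['IDbase'],
        $_SESSION['IDaccount']
    );

    // The original test `count($base) === NULL` could never be true (count()
    // returns an int), so an unowned or unknown base was not rejected here.
    // The "no row" case is compared against null directly, as doRegister does.
    if ($base === null) {
        return false;
    }

    // The file name is built from the id returned by the database, never from
    // the raw request value.
    // NOTE(review): assumes server_basesock_log_path ends with a directory
    // separator - confirm where the constant is defined.
    $path = server_basesock_log_path;
    $file = $path . $base['IDbase'] . '.json';

    if (file_exists($file)) {
        header('Content-Description: File Transfer');
        header('Content-Type: application/octet-stream');
        header('Content-Disposition: attachment; filename=' . basename($file));
        header('Content-Transfer-Encoding: binary');
        header('Expires: 0');
        header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
        header('Pragma: public');
        header('Content-Length: ' . filesize($file));

        // ob_clean() raises a notice when no output buffer is active, and that
        // notice text could end up inside the downloaded file.
        if (ob_get_level() > 0) {
            ob_clean();
        }
        flush();
        readfile($file);
        die;
    }

    return false;
}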
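/**
 * Validates a registration form and creates a new, inactive account.
 *
 * Checks run in this order: e-mail syntax, blocked e-mail domain, password
 * length, password confirmation, accepted terms, reCAPTCHA (only when a
 * private key is configured) and finally whether the e-mail is already
 * registered. On failure an error code is stored in `$this->error`
 * ('email_missing', 'password_missing', 'password_mismatch', 'terms',
 * 'recaptcha' or 'email_used'). On success the account row is inserted with
 * `active = 0` and the activation e-mail is sent.
 *
 * @param array $formvars Form values; reads 'email', 'password',
 *                        'password_again', 'terms' and, when reCAPTCHA is
 *                        enabled, 'g-recaptcha-response'.
 *
 * @return bool True when the account was created, false otherwise.
 */
function doRegister($formvars = array())
{
    global $BAD_EMAIL_DOMAINS;

    $mdb = $this->mdb;

    // add all missing keys to array
    fixFormVars($formvars, array('email', 'password', 'password_again', 'terms'));

    if (!filter_var($formvars['email'], FILTER_VALIDATE_EMAIL)) {
        $this->error = 'email_missing';
        return false;
    }

    // The address passed validation, so it contains an '@'; the part after the
    // last '@' is the domain. The blocklist is matched in upper case.
    $emailDomain = substr(strrchr($formvars['email'], "@"), 1);
    if (in_array(strtoupper($emailDomain), $BAD_EMAIL_DOMAINS, true)) {
        $this->error = 'email_missing';
        return false;
    }

    // A non-string value (e.g. an array sent as password[]) is rejected before
    // strlen() sees it.
    if (!is_string($formvars['password']) || strlen($formvars['password']) < 6) {
        $this->error = 'password_missing';
        return false;
    }

    // Strict comparison: with != two different numeric-looking strings such as
    // "1000" and "1e3" compare as equal, so a mistyped confirmation could pass.
    if ($formvars['password'] !== $formvars['password_again']) {
        $this->error = 'password_mismatch';
        return false;
    }

    if ($formvars['terms'] != '1') {
        $this->error = 'terms';
        return false;
    }

    // reCAPTCHA validation enabled? (the legacy reCAPTCHA v1 check was
    // replaced by recaptcha2_verify)
    if (reCAPTCHA_PRIVATE_KEY != '') {
        if (
            !isset($formvars['g-recaptcha-response'])
            || !recaptcha2_verify(reCAPTCHA_PRIVATE_KEY, $formvars['g-recaptcha-response'], $_SERVER["REMOTE_ADDR"])
        ) {
            $this->error = 'recaptcha';
            // was a bare `return;` (null); every other failure path returns false
            return false;
        }
    }

    // validate e-mail now
    // NOTE(review): this check and the insert below are separate statements, so
    // two parallel requests could both pass it; a unique index on account.email
    // would close that gap - confirm the schema has one.
    $account = $mdb->queryFirstRow("SELECT * FROM account WHERE email = %s LIMIT 1", $formvars['email']);
    if ($account !== null) {
        // NOTE(review): this error code tells the caller that the address is
        // already registered; decide whether that disclosure is acceptable.
        $this->error = 'email_used';
        return false;
    }

    // All checks passed. Only the hash is stored, never the plain password.
    // NOTE(review): create_hash is defined elsewhere - confirm it is a salted,
    // deliberately slow password hash.
    $hashedpassword = create_hash($formvars['password']);

    // insert into database; the account stays inactive until it is activated
    $mdb->insert('account', array(
        'email' => $formvars['email'],
        'password' => $hashedpassword,
        'active' => 0,
    ));

    // send activation e-mail
    $this->resendActivationEmail($formvars['email']);

    return true;
}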